Posted
by
Zonk
on Friday October 20, 2006 @12:46PM
from the they-know-what's-good-for-you dept.

An anonymous reader writes "Near the end of a story about Opera's determination to stay in the game: 'Earlier this week, Opera announced an addition that will keep it in step with its rivals. Johan Borg, a developer working on the browser, said Tuesday in a blog that the next edition, Opera 9.1, will include beefed up anti-phishing and anti-fraud features. Rather than simply indicate that a site is secure with a notation in the address bar, Opera 9.1 will also query Opera-owned servers for information on any site visited. Those that Opera has identifies as fraudulent will be automatically blocked by the browser.'"

As long as I can turn it off, or turn it off for certain types of sites, that's fine. I'm not sure what this does for me that, say, Netcraft Toolbar doesn't. Is the data stream encrypted back to Opera? Can others intercept that and use it as a spam-target tool somehow? All questions I'd want answered before I'd use it.

Another thing mentioned in the blog posting is this:
---
The requests go over HTTP, but the replies will be signed by the server to make sure they are genuine. We prefer to send information between the browser and ourselves in plain text, so our users can inspect the data we send "home".
---
So it's not like they're sending everything back to opera without telling you what it is.

It might be better if Opera simply maintained an client-side blacklist of fradulent sites/domains, which was updated in the background while the browser is running. That way they wouldn't have to track your browsing at all. If these fraudlent sites are verified by hand by people at Opera, there could only number in the tens of thousands.

Yeah. I made note of that in one of the other responses I had in here. I don't really see why this is a headline at all.

If you have a slider with Safety/security on one side, and Privacy on the other, all three browsers let you adjust where that slider falls.

Browsers have to balance timeliness of updates against the fast moving phishing schemes with letting the users feel maintain a sense of security. It's strange though, like others have mentioned, Opera Mini seems to get away with this just fine as well as your local ISP.

I wish we could just say "nothing to see here, move along..." for this article. Or at least properly word the headline to something like:

"Opera to default to real-time phishing filter" or something along those lines.